research-article

Exploiting Submodularity in Security Measure Allocation for Industrial Control Systems

Authors:

Jezdimir Milošević,

Takashi Tanaka,

Henrik Sandberg,

Karl Henrik JohanssonAuthors Info & Claims

SafeThings'17: Proceedings of the 1st ACM Workshop on the Internet of Safe Things

Pages 64 - 69

https://doi.org/10.1145/3137003.3137011

Published: 05 November 2017 Publication History

Abstract

Industrial control systems are cyber-physical systems that are used to operate critical infrastructures such as smart grids, traffic systems, industrial facilities, and water distribution networks. The digitalization of these systems increases their efficiency and decreases their cost of operation, but also makes them more vulnerable to cyber-attacks. In order to protect industrial control systems from cyber-attacks, the installation of multiple layers of security measures is necessary. In this paper, we study how to allocate a large number of security measures under a limited budget, such as to minimize the total risk of cyber-attacks. The security measure allocation problem formulated in this way is a combinatorial optimization problem subject to a knapsack (budget) constraint. The formulated problem is NP-hard, therefore we propose a method to exploit submodularity of the objective function so that polynomial time algorithms can be applied to obtain solutions with guaranteed approximation bounds. The problem formulation requires a preprocessing step in which attack scenarios are selected, and impacts and likelihoods of these scenarios are estimated. We discuss how the proposed method can be applied in practice.

References

[1]

S. Amin, X. Litrico, S. Sastry, and A. M. Bayen. 2013. Cyber Security of Water SCADA Systems - Part I: Analysis and Experimentation of Stealthy Deception Attacks. IEEE Transactions on Control Systems Technology 21, 5 (Sept 2013), 1963--1970.

[2]

R. B. Bobba, K. M. Rogers, Q. Wang, H. Khurana, K. Nahrsted, and T.J. Overbye. 2010. Detecting false data injection attacks on DC state estimation. In Preprints of the First Workshop on Secure Control Systems, CPSWEEK, Vol. 2010.

[3]

A. A. Cárdenas, S. Amin, Z. Lin, Y. Huang, C. Huang, and S. Sastry. 2011. Attacks Against Process Control Systems: Risk Assessment, Detection, and Response. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS '11). ACM, New York, NY, USA, 355--366.

Digital Library

[4]

Defense Use Case. 2016. Analysis of the Cyber Attack on the Ukrainian Power Grid. (2016).

[5]

S. Khuller, A. Moss, and J. Naor. 1999. The budgeted maximum coverage problem. Inform. Process. Lett. 70, 1 (1999), 39--45.

Digital Library

[6]

T. T. Kim and H. V. Poor. 2011. Strategic Protection Against Data Injection Attacks on Power Grids. IEEE Transactions on Smart Grid 2, 2 (June 2011), 326--333.

[7]

D. Kuipers and M. Fabro. 2006. Control systems cyber security: Defense in depth strategies. United States. Department of Energy.

[8]

D. Kushner. 2013. The real story of STUXNET. IEEE Spectrum 50, 3 (March 2013), 48--53.

[9]

J. Leskovec, A. Krause, C. Guestrin, C. Faloutsos, J. VanBriesen, and N. Glance. 2007. Cost-effective Outbreak Detection in Networks. In ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD). 420--429.

Digital Library

[10]

Y. Liu, P. Ning, and M. K. Reiter. 2011. False Data Injection Attacks Against State Estimation in Electric Power Grids. ACM Trans. Inf. Syst. Secur. 14, 1, Article 13 (June 2011), 33 pages.

Digital Library

[11]

G.L. Nemhauser, L.A. Wolsey, and M.L. Fisher. 1978. An analysis of approximations for maximizing submodular set functions I. Mathematical Programming 14, 1 (1978), 265--294.

Digital Library

[12]

J. Slay and M. Miller. 2008. Lessons Learned from the Maroochy Water Breach. Springer US, Boston, MA, 73--82.

[13]

K. Stouffer, J. Falco, and K. Scarfone. 2011. Guide to industrial control systems (ICS) security. NIST special publication 800, 82 (2011), 16--16.

[14]

M. Sviridenko. 2004. A note on maximizing a submodular set function subject to a knapsack constraint. Operations Research Letters 32, 1 (2004), 41--43.

Digital Library

[15]

A. Teixeira, I. Shames, H. Sandberg, and K.H. Johansson. 2015. A secure control framework for resource-limited adversaries. Automatica 51 (2015), 135--148.

Digital Library

[16]

A. Teixeira, K. C. Sou, H. Sandberg, and K. H. Johansson. 2015. Secure Control Systems: A Quantitative Risk Management Approach. IEEE Control Systems 35, 1 (Feb 2015), 24--45.

[17]

D. Umsonst, H. Sandberg, and A. A. Cárdenas. 2017. Security analysis of control system anomaly detectors. In American Control Conference (ACC), 2017. IEEE, 5500--5506.

[18]

O. Vukovic, K. C. Sou, G. Dan, and H. Sandberg. 2012. Network-Aware Mitigation of Data Integrity Attacks on Power System State Estimation. IEEE Journal on Selected Areas in Communications 30, 6 (July 2012), 1108--1118.

Cited By

Giehl AWiedermann NPlaga S(2019)A framework to assess impacts of cyber attacks in manufacturingProceedings of the 2019 11th International Conference on Computer and Automation Engineering10.1145/3313991.3314003(127-132)Online publication date: 23-Feb-2019
https://dl.acm.org/doi/10.1145/3313991.3314003
Tang YZou NShi YWang X(2018)Research Progress of Security Protection for Dispatching Automation System2018 IEEE International Conference on Progress in Informatics and Computing (PIC)10.1109/PIC.2018.8706298(339-343)Online publication date: Dec-2018
https://doi.org/10.1109/PIC.2018.8706298
Kintzler FGawron-Deutsch TCejka SSchulte JUslar MVeith EPiatkowska ESmith PKupzog FSandberg HChong MUmsonst DMittelsdorf M(2018)Large Scale Rollout of Smart Grid Services2018 Global Internet of Things Summit (GIoTS)10.1109/GIOTS.2018.8534432(1-7)Online publication date: Jun-2018
https://doi.org/10.1109/GIOTS.2018.8534432
Show More Cited By

Index Terms

Exploiting Submodularity in Security Measure Allocation for Industrial Control Systems
1. Hardware
  1. Robustness
    1. Safety critical systems
2. Information systems
  1. Information systems applications
    1. Process control systems

Recommendations

A survey on security control and attack detection for industrial cyber-physical systems

Cyber-physical systems (CPSs), which are an integration of computation, networking, and physical processes, play an increasingly important role in critical infrastructure, government and everyday life. Due to physical constraints, embedded computers and ...
Securing industrial control systems: Developing a SCADA/IoT test bench and evaluating lightweight cipher performance on hardware simulator
Abstract
This paper addresses the critical need for enhancing security in Supervisory Control and Data Acquisition (SCADA) networks within Industrial Control Systems (ICSs) to protect the industrial processes from cyber-attacks. The purpose of our work is ...
Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SafeThings'17: Proceedings of the 1st ACM Workshop on the Internet of Safe Things

November 2017

75 pages

ISBN:9781450355452

DOI:10.1145/3137003

Editor:
Rasit Eskicioglu
University of Manitoba, Canada

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 November 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

The Swedish Research Counci
The Swedish Civil Contingencies Agency

Conference

SenSys '17

Sponsor:

SenSys '17: The 15th ACM Conference on Embedded Network Sensor Systems

November 5, 2017

Delft, Netherlands

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
160
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)0

Reflects downloads up to 08 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Giehl AWiedermann NPlaga S(2019)A framework to assess impacts of cyber attacks in manufacturingProceedings of the 2019 11th International Conference on Computer and Automation Engineering10.1145/3313991.3314003(127-132)Online publication date: 23-Feb-2019
https://dl.acm.org/doi/10.1145/3313991.3314003
Tang YZou NShi YWang X(2018)Research Progress of Security Protection for Dispatching Automation System2018 IEEE International Conference on Progress in Informatics and Computing (PIC)10.1109/PIC.2018.8706298(339-343)Online publication date: Dec-2018
https://doi.org/10.1109/PIC.2018.8706298
Kintzler FGawron-Deutsch TCejka SSchulte JUslar MVeith EPiatkowska ESmith PKupzog FSandberg HChong MUmsonst DMittelsdorf M(2018)Large Scale Rollout of Smart Grid Services2018 Global Internet of Things Summit (GIoTS)10.1109/GIOTS.2018.8534432(1-7)Online publication date: Jun-2018
https://doi.org/10.1109/GIOTS.2018.8534432
Milošević JTeixeira ATanaka TJohansson KSandberg H(2018)Security measure allocation for industrial control systems: Exploiting systematic search techniques and submodularityInternational Journal of Robust and Nonlinear Control10.1002/rnc.437530:11(4278-4302)Online publication date: 17-Oct-2018
https://doi.org/10.1002/rnc.4375

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten